Businesses Under Pressure To 'Consumerize' Logins

Almost two-thirds (64 percent) of IT leaders say their security teams are considering implementing consumer-grade access to cloud services for employees. From a report: According to the 2018 Identity and Access Management Index from digital security company Gemalto 54 percent of respondents believe that the authentication methods they implement in their businesses are not as good compared to those found on popular sites including Amazon and Facebook. Authentication methods applied in the consumer world can be applied to secure access to enterprise resources 70 percent of IT professionals believe. But despite this, 92 percent of IT leaders express concern about employees reusing personal credentials for work. This comes as 61 percent admit they are still not implementing two-factor authentication to allow access to their network, potentially leaving themselves vulnerable to cyber criminals.

Just more offloading of responsibility

[ErichTheRed]

I'm involved in a big cloudification project and there is absolutely pressure to use consumer-grade identity services instead of your own. It's part of the massive responsibility offload that's happening. "Oh, the cloud will do that." "Oh, this SaaS product Just Works (TM)". While this is true in many cases, I highly doubt an IT department in any sort of established company is going to want Facebook to be the _default_ identity provider. I can see a use case where you have essentially "throwaway" users who work for a week or so then disappear...but if your workers generate documents and need access to shared resources, do you really want Facebook or Google knowing what they do with their IDs when logged on?

As it is now, Amazon, Google, Facebook and Microsoft may very well end up the 4 biggest "keepers of identity" at least in the consumer space. Tech has a way of running in cycles though. I saw a very interesting article a while back that wrote out what I was thinking...everyone is assumed to be a "digital native" and tech genius just because they grew up with the Internet and the smartphone, but the reality is that people actually know way less than they had to in the past. If something isn't more than a few taps and swipes away, most born-on-the-smartphone users are lost.

You're hired!

[Cajun+Hell]

You're hired, congratulations. Here's a W-4 to fill out. Give it to Julie when you're done and she'll also need to photocopy your driver's license.

Oh, and you'll need to choose an authentication provider. If you choose Blue Cross for your logins, you get 3% off your first month of health insurance premiums, but if you choose Facebook, you get three months of free TV service. I think Google doesn't have a deal right now, but if you already have an account there, it might be more convenient. Bank of America is a good option too, but the terms are that you have to carry your phone, running their app, everywhere and they'll penalize you with failed logins if you ever turn it off, so don't do that or we'll have no choice to fire you because you have to be able to log in. Subway's login system gets you loyalty points good for lunch purchases; that's a popular one. Southwest gets you a frequent flyer mile with every login. And I'm sure you saw in the news, our PR division said we had to cancel our NRA login agreement but the legislature is probably going to make us undo that in a few weeks.